Browse Source
This makes the implementation itself much more readable. At this point
all errata have been tested with a script [1] to make sure the migration
kept everything the same. It reported 1508412, 1946167, and
CVE_2022_23960 as having some mismatch. The first has a small
non-trivial change that results in identical behaviour. The second is
non-trivial to compare, but manual inspection shows it is identical. The
CVE had no workaround function previously, however, the instructions are
indeed identical. All errata have been checked that they get invoked.
The script's commandline looks like:
./script.py cortex_a77 /path/to/tf-a-with-changes /path/to/tf-a-clean/
[1]: the script:
import re
import subprocess
import sys
def full_cpu_name():
return sys.argv[1]
def old_cpu_name():
return sys.argv[1].split('_')[1]
def new_build():
return sys.argv[2]
def old_build():
return sys.argv[3]
def get_dump(root_dir, symbol):
# bl31 includes more stuff
raw_dump = subprocess.run([
'aarch64-none-elf-objdump', f'--disassemble={symbol}',
root_dir + '/build/fvp/release/bl31/bl31.elf'
], capture_output=True, encoding='ascii'
).stdout
# get rid of objdump verbosity
raw_dump = raw_dump.split('\n')[7:-1]
# split arguments and remove addresses at the start
return [line.split('\t')[2:] for line in raw_dump]
def check_identical(new, old):
if old and old[-1][0] == 'isb':
old = old[:-1]
print(' NOTE: dropped trailing isb (ok on reset)')
if not new or not old or len(new) != len(old):
return False
for newi, oldi in zip(new, old):
if newi[0] == oldi[0] == 'b':
# ignore the address, compare just the name
if newi[1].split(' ')[1] != newi[1].split(' ')[1]:
return False
continue # identical, proceed
if newi != oldi:
return False
return True
FLAG_RE = r'report_errata (.*?), '
cpu_path = old_build() + '/lib/cpus/aarch64/' + full_cpu_name() + '.S'
with open(cpu_path) as cpu_src:
errata_flags = re.findall(FLAG_RE, cpu_src.read())
errata_ids = [flg.split('_')[-1] for flg in errata_flags]
print('List of flags to build with:')
print(' '.join([flg + '=1' for flg in errata_flags]))
input((
'Press enter when your patch in argv[2] and '
'the top of master in argv[3] are both built for release...'
))
for id in errata_ids:
new_check = get_dump(new_build(),
f'check_erratum_{full_cpu_name()}_{id}')
old_check = get_dump(old_build(), f'check_errata_{id}')
new_wa = get_dump(new_build(), f'erratum_{full_cpu_name()}_{id}_wa')
old_wa = get_dump(old_build(), f'errata_{old_cpu_name()}_{id}_wa')
# remove the boilerplate for each (mov, bl, cbz, ret)
new_wa = new_wa[4:-3]
old_wa = old_wa[3:-1]
print(f'Checking {id} . . .')
if not check_identical(new_check, old_check):
print(f' Check {id} check function manually!')
if not check_identical(new_wa, old_wa):
print(f' Check {id} workaround manually!')
print('All previous errata checked against their migrations')
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I987ded7962f3449344feda47e314994f400e85b8
pull/2000/head
Boyan Karatotev
2 years ago
committed by
Sona Mathew
Sona Mathew
1 changed files with 9 additions and 24 deletions
Loading…
Reference in new issue